Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

Another criterion to select the subset is to expose the cryptographic functions that are already supported by many devices. To minimize the footprint, the API in the subset supports only a default Cryptographic Service Provider.

defines an API to support application level digital signature signing (but not verification) and basic user credential management. To enable broader reuse, this API is independent of the type of security elements that are utilized by a J2ME device.

SATSA-CRYPTO

defines a subset of the J2security element cryptography API. It provides basic cryptographic operations to support message digest, signature verification, encryption, and decryption.

J2ME application is responsibility for making sure that it must not send an envelope to the SIM application toolkit application that would result in a proactive session being initiated via the APDUConnection interface.

A subset of the Java Card API. The subset includes the Exception classes defined in the packages javacard.framework, javacard.framework.service, and javacard.security

These exceptions may be thrown during a method invocation of a Java Card object because of cryptographic errors (the javacard.security package), card framework access errors (the javacard.framework package) or errors detected in accessing the card services (the javacard.framework.service package)

Based on the security framework implemented by the underlying platform, an implementation of a SATSA package must support either the MIDP 2.0 permissions applicable to that package or the functional equivalent J2security element style permission classes.

Based on the access control policy defined in a smart card, the device determines whether the J2ME application is allowed to access any function of the smart card, using theAPDUConnection or the JavaCardRMIConnection.

This specification was created to define an enhanced architecture and the associated APIs required to enable an open, third-party, application development environment for mobile information devices, or MIDs

An untrusted MIDlet suite is a MIDlet suite for which the origin and the integrity of the JAR file can NOT be trusted by the device.

Untrusted MIDlet suites MUST execute in the untrusted domain using a restricted environment where access to protected APIs or functions either is not allowed or is allowed with explicit user permission.

Each protection domain defines the permissions that may be granted to a MIDlet suite in that domain.

The protection domain owner specifies how the device identifies and verifies that it can trust a MIDlet suite and bind it to a protection domain with the permissions that authorize access to protected APIs or functions.

Using X.509 PKI, the trusted MIDlet Suites describes a mechanism for identifying trusted MIDlet suites though signing and verification.

If an implementation of this specification will recognize MIDlet suites signed using PKI as trusted MIDlet suites they must be signed and verified according to the formats and processes specified in Trusted MIDlet Using X.509 PKI.

The User permissions are any permissions for a protected API or function on the basis of MIDlet suite being bound to the protection domain and will allow access to protected API or function after the prompt given to the user and explicit user permission being granted.

valid from the invocation of a MIDlet suite until it terminates. "session" mode MUST prompt the user on or before the first invocation of the API or function which is protected. When the user re-invokes the MIDlet suite the prompt MUST be repeated.

Oneshot

MUST prompt the user on each invocation of the API or function which is protected.

The range of blanket to one shot action permission modes represents a tradeoff between usability and user notification and should behave smoothly and consistently with the human interface of the device.

If these attributes appear in the application descriptor they MUST be identical to corresponding attributes in the manifest. If they are not identical, the MIDlet suite MUST NOT be installed or invoked.

If any of the requested permissions are unknown to the device and are not marked as critical then they are removed from the requested permissions.

If any of the requested permissions are unknown to the device and marked as critical, the MIDlet suite MUST NOT be installed or invoked.

If any of the requested permissions are not present in the protection domain (Allowed or User) permission sets and the requested permission was marked as critical then the MIDlet suite does not have sufficient authorization and MUST NOT be installed or invoked.

If any of the requested permissions are not present in the protection domain (Allowed or User) permission sets, and the requested permissions are not marked as critical, the application MUST still be installed and MUST be able to be invoked by the user.

If any of the requested permissions match the User permissions of the protection domain then the user MUST explicitly provide authorization to grant those permissions to the MIDlet suite.

Signed MIDlet suites may become trusted by authenticating the signer of the MIDlet suite and binding it to a protection domain that will authorize the MIDlet suite to perform protected functions by granting permissions allowed in the protection domain.

The signer of the MIDlet suite is responsible to its protection domain root certificate owner for protecting the protection domain stake holder\'s assets and capabilities and, as such, must exercise due-diligence in checking the MIDlet suite before signing it.

In the case where there is a trusted relationship (possibly bound by legal agreements), a protection domain root certificate owner may delegate signing MIDlet suites to a third-party and in some circumstances, the author of the MIDlet.

The certification path consists of the signer certificate from the application descriptor and other certificates as needed up to but not including the root certificate.

Get the certification path for the signer certificate from the application descriptor attributes MIDlet-Certificate-1-<m> where <m> starts at 1 and is incremented by 1 until there is no attribute with the given name.

If attributes MIDlet-Certificate-<n>-<m> with <n> greater than 1 are present and full certification path could not be established after verifying MIDlet-Certificate-<1>-<m> certificates, repeatedly perform prior steps for the value <n> greater by 1 than the previous value.

The implementation of the authentication and authorization process may store and transfer the results for subsequent use and MUST ensure that the cached information can not be tampered with or otherwise compromised between the time it is computed from the JAR, application descriptor, and authentication information and the authorization information is used.

If other certificate revocation protocols are supported, support for these other protocols may indicate that a certificate has been revoked; in this case, it is permissible to consider the certificate as revoked regardless of the result returned by the OCSP protocol.

This encodes the origin of the MIDlet suite into the JAD (via the identity of the signer). If the certificate is revoked, all of the developer\'s signed MIDlets on every device for every user will have their execution permissions revoked.

This encodes the signers identity (not the MIDlet suite developer) into the JAD. If the certificate is revoked, all MIDlets signed with this particular certificate will have their execution permissions revoked.